Merge pull request #1783 from coltea/fix-app-perm

coltea · web-flow · commit 9724ef4f3107 · 2026-04-08T15:51:54.000+08:00
fix(app) editor perms修 复后台编辑页面普通用户无法获取知识库配置信息
diff --git a/backend/handler/v1/app.go b/backend/handler/v1/app.go
@@ -35,10 +35,10 @@ func NewAppHandler(e *echo.Echo, baseHandler *handler.BaseHandler, logger *log.L
 		config:              config,
 	}
 
-	group := e.Group("/api/v1/app", h.auth.Authorize, h.auth.ValidateKBUserPerm(consts.UserKBPermissionFullControl))
-	group.GET("/detail", h.GetAppDetail)
-	group.PUT("", h.UpdateApp)
-	group.DELETE("", h.DeleteApp)
+	group := e.Group("/api/v1/app", h.auth.Authorize)
+	group.GET("/detail", h.GetAppDetail, h.auth.ValidateKBUserPerm(consts.UserKBPermissionDocManage))
+	group.PUT("", h.UpdateApp, h.auth.ValidateKBUserPerm(consts.UserKBPermissionFullControl))
+	group.DELETE("", h.DeleteApp, h.auth.ValidateKBUserPerm(consts.UserKBPermissionFullControl))
 
 	return h
 }
@@ -73,6 +73,9 @@ func (h *AppHandler) GetAppDetail(c echo.Context) error {
 	if err != nil {
 		return h.NewResponseWithError(c, "get app detail failed", err)
 	}
+	if authInfo := domain.GetAuthInfoFromCtx(ctx); authInfo != nil && authInfo.Permission == consts.UserKBPermissionDocManage {
+		app = h.usecase.SanitizeAppDetailForDocManage(app)
+	}
 	return h.NewResponseWithData(c, app)
 }
 
diff --git a/backend/usecase/app.go b/backend/usecase/app.go
@@ -587,6 +587,37 @@ func (u *AppUsecase) GetAppDetailByKBIDAndAppType(ctx context.Context, kbID stri
 	return appDetailResp, nil
 }
 
+func (u *AppUsecase) SanitizeAppDetailForDocManage(app *domain.AppDetailResp) *domain.AppDetailResp {
+	if app == nil {
+		return nil
+	}
+
+	sanitized := &domain.AppDetailResp{
+		ID:   app.ID,
+		KBID: app.KBID,
+		Name: app.Name,
+		Type: app.Type,
+	}
+
+	if app.Type != domain.AppTypeWeb {
+		return sanitized
+	}
+
+	sanitized.Settings = domain.AppSettingsResp{
+		ThemeMode:           app.Settings.ThemeMode,
+		ThemeAndStyle:       app.Settings.ThemeAndStyle,
+		CatalogSettings:     app.Settings.CatalogSettings,
+		WatermarkContent:    app.Settings.WatermarkContent,
+		WatermarkSetting:    app.Settings.WatermarkSetting,
+		CopySetting:         app.Settings.CopySetting,
+		ContributeSettings:  app.Settings.ContributeSettings,
+		ConversationSetting: app.Settings.ConversationSetting,
+		HomePageSetting:     app.Settings.HomePageSetting,
+	}
+
+	return sanitized
+}
+
 func (u *AppUsecase) GetMCPServerAppInfo(ctx context.Context, kbID string) (*domain.AppInfoResp, error) {
 	apiApp, err := u.repo.GetOrCreateAppByKBIDAndType(ctx, kbID, domain.AppTypeMcpServer)
 	if err != nil {

Original file line number	Diff line number	Diff line change
`@@ -35,10 +35,10 @@ func NewAppHandler(e echo.Echo, baseHandler handler.BaseHandler, logger *log.L`
`35`	`35`	`config: config,`
`36`	`36`	`}`
`37`	`37`
`38`		`- group := e.Group("/api/v1/app", h.auth.Authorize, h.auth.ValidateKBUserPerm(consts.UserKBPermissionFullControl))`
`39`		`- group.GET("/detail", h.GetAppDetail)`
`40`		`- group.PUT("", h.UpdateApp)`
`41`		`- group.DELETE("", h.DeleteApp)`
	`38`	`+ group := e.Group("/api/v1/app", h.auth.Authorize)`
	`39`	`+ group.GET("/detail", h.GetAppDetail, h.auth.ValidateKBUserPerm(consts.UserKBPermissionDocManage))`
	`40`	`+ group.PUT("", h.UpdateApp, h.auth.ValidateKBUserPerm(consts.UserKBPermissionFullControl))`
	`41`	`+ group.DELETE("", h.DeleteApp, h.auth.ValidateKBUserPerm(consts.UserKBPermissionFullControl))`
`42`	`42`
`43`	`43`	`return h`
`44`	`44`	`}`
`@@ -73,6 +73,9 @@ func (h *AppHandler) GetAppDetail(c echo.Context) error {`
`73`	`73`	`if err != nil {`
`74`	`74`	`return h.NewResponseWithError(c, "get app detail failed", err)`
`75`	`75`	`}`
	`76`	`+ if authInfo := domain.GetAuthInfoFromCtx(ctx); authInfo != nil && authInfo.Permission == consts.UserKBPermissionDocManage {`
	`77`	`+ app = h.usecase.SanitizeAppDetailForDocManage(app)`
	`78`	`+ }`
`76`	`79`	`return h.NewResponseWithData(c, app)`
`77`	`80`	`}`
`78`	`81`